<?php
# !!!!!!!!!! DON'T MAKE ANY CHANGE IF YOU DON'T KNOW WHAT YOU'RE DOING !!!!!!!!!!
// --------------------------------------------------------------------------------------------------------------
// File Name              :	lostpass.php
// Last Modification Time	:	2008-02-01 24:00
// Last Modified by       :	turker (turker.biz@gmail.com)
// list of modifications	:
//
//	- 2008-02-01 turker
//		* 24:00 file created.
//
// --------------------------------------------------------------------------------------------------------------
if (eregi("lostpass.php",$_SERVER['PHP_SELF'])) {
	header ("Location:../index.php");
	exit;
}
?>
<!--div:icerik -->
    <div id="icerik">
      <p>
<?php
if (empty($_POST)) {
  $action='index.php?page=lostpass';
  if ($SITE_SEO) $action=$SITE_URL.'/lostpass';
?>
<script type="text/javascript">
$(document).ready(function(){
  $("#send").click(function(){
    $("#send").val(" <?php echo $_LANG['lostpass']['plswait']; ?> ");
    $("#send").attr("disabled","disabled");
    var name=$.trim($("#name").val());
    var mail=$.trim($("#email").val());
    if (name.length<5||name.length>55) {
      alert("<?php echo $_LANG['lostpass']['error2']; ?>");
      $("#name").focus();
    }
    else if (mail.length<6||mail.length>55) {
      alert("<?php echo $_LANG['lostpass']['error1']; ?>");
      $("#email").focus();
    }
    else $("#lostForm").submit();
    $("#send").val(" <?php echo $_LANG['lostpass']['snpass']; ?> ");
    $("#send").attr("disabled","");
  });
});
</script>
    <form method="post" action="<?php echo $action; ?>" id="lostForm" class="box">
      <label><?php echo $_LANG['general']['name'];?>: </label><input type="text" maxlength="55" name="name" id="name" /><br />
      <label><?php echo $_LANG['general']['email'];?>: </label><input type="text" maxlength="55" name="email" id="email" /><br />
      <label></label><input type="button" value=" <?php echo $_LANG['lostpass']['snpass']; ?> " id="send" class="input-submit" />
    </form><br />
<?php
  if ($USER_EMAL_VALID) {
    if (!$SITE_SEO) echo '<a href="index.php?page=sendact" class="mlink">'.$_LANG['general']['sendact'].'</a>';
    else echo '<a href="'.$SITE_URL.'/sendact" class="mlink">'.$_LANG['general']['sendact'].'</a>';
  }
}
else {
  $name=@$_POST['name'];
  $email=@$_POST['email'];

  # check POST
  $valid=new Validation();
  $valid->inRange($name,55,5,$_LANG['lostpass']['error2']);
  $valid->inRange($email,55,6,$_LANG['lostpass']['error1']);
  $valid->checkEmail($email,$_LANG['general']['imail']);

  if ($valid->isError()) $valid->listErrors();
  else { #no error
    $name=$mysql->escape($name);
    $email=$mysql->escape($email);

    $q=$mysql->query("select level,id from $USERS_TABLE where email='$email' and name='$name'");
    if ($mysql->numRows($q)==1) {
      $id=$mysql->result($q,'id');
      $level=$mysql->result($q,'level');
      if ($level>0) {
        $new_pass=createPass();
        $pass=md5(strrev(md5($mysql->escape($new_pass))));

        $q=$mysql->query("update $USERS_TABLE set password='$pass' where id='$id'");
        if ($q) {
          $message=$NEWPASS_MAIL_BODY.'<br />'.$_LANG['general']['email'].': '.$email.' , '.$_LANG['lostpass']['npass'].': '.$new_pass
          .'<br /><br />'.$MAIL_SIGNATURE;

          $mail=sendMail($email,$SITE_CONTACT_MAIL,$NEWPASS_MAIL_HEADER,$message);
          if ($mail) echo $_LANG['lostpass']['npsent'];
          else echo $_LANG['lostpass']['error3'].' '.$_LANG['errors']['error1'].' '.$SITE_ADMIN_MAIL;
        }
        else echo $_LANG['lostpass']['error4'].' '.$_LANG['errors']['error3'];
      }
      else {
        echo $_LANG['lostpass']['error5'];
        if (!$SITE_SEO) echo '<a href="index.php?page=sendact" class="mlink">'.$_LANG['general']['sendact'].'</a>';
        else echo '<a href="'.$SITE_URL.'/sendact" class="mlink">'.$_LANG['general']['sendact'].'</a>';
      } // else
    }
    else '<br />'.$_LANG['lostpass']['error6'];
  }
}
?>
      </p>
    </div>
<!--//div:icerik -->